X-GRIP Show all

Privacy policy

This statement describes how we, as the data controller, store your personal data in connection with our website, within the internal framework of your goods purchase, and when contacting us. The general provisions apply to all processing operations.

The legal basis

The legal basis for the processing of personal data is the EU General Data Protection Regulation (GDPR), the Austrian Data Protection Act (DSG), and the Telecommunications Act (TKG) in their currently valid versions.

Name and Contact Details of the Data Controller
BADX GmbH
Joess-Gewerbegebiet 209
ATU70580007
FN 450170s Regional Court for ZRS Graz
Tel.: +43 664 8588989
Email: info@x-grip.at
(hereinafter referred to as “BADX” or “X-GRIP”)

General Provisions

Data Security

BADX employs technical and organizational security measures to protect stored personal data against accidental or intentional manipulation, loss, or destruction and against unauthorized access. Our security measures are continuously improved in line with technological progress.

Your Rights Regarding Personal Data

You have the right to:

  • check whether and what personal data we have stored about you and to receive copies of this data,
  • request correction, supplementation, or deletion of your personal data that is incorrect or not processed in accordance with the law,
  • request us to restrict the processing of your personal data,
  • object to the processing of your personal data under certain circumstances or to revoke consent given for processing,
  • request data portability,
  • know the identity of third parties to whom your personal data is transmitted,
  • lodge a complaint with the competent authority.

Complaint Option

You have the right to lodge a complaint about the processing of your personal data with the competent supervisory authority. In Austria, the Data Protection Authority is responsible.

The Website www.x-grip.at

Website Visitors

Processed Data and Purpose of Processing

The following information about you is collected during your visit (there is no obligation to provide this data):

  • anonymized IP address
  • date and time of access
  • name and URL of the accessed file
  • website from which the access occurs (referrer URL)
  • used browser and, if applicable, the operating system of your computer, as well as the name of your access provider
  • certain cookies (see below)

This is done to provide you with this website and to further improve and develop it, to create usage statistics, and to detect, prevent, and investigate attacks on our website.

Legal Basis

Processing is based on our predominant legitimate interest (Art. 6(1)(f) GDPR) to achieve the purposes mentioned above.

Duration of Storage

We only store anonymized IP addresses of website visitors. The establishment of a personal reference is no longer possible.

Registered Customers

(→ Storage of email address, password, name, address, order and payment details, etc. for the purposes of order processing, customer communication, fraud prevention, and website improvement. Legal basis: Art. 6 (1) (b) GDPR, additional legitimate interest pursuant to Art. 6 (1) (f) GDPR. Storage for as long as the account exists or in accordance with legal obligations.)

Non-registered customers – guest orders

(→ Storage of name, address, contact and order data exclusively for the purpose of order processing. Legal basis: Art. 6 (1) (b) GDPR and legitimate interest pursuant to Art. 6 (1) (f) GDPR. Storage until order processing is complete and beyond that only in accordance with legal obligations.)

Payment data – Provision of your personal data

We use payment service providers (e.g., Klarna Bank AB, Sofort GmbH, Unzer, Österreichische Post AG) to process payments. We have concluded data processing agreements with all service providers in accordance with Art. 28 GDPR.

Your payment data is entered exclusively on the respective provider’s portal, not on our website.

Google Analytics

We use Google Analytics (Google Inc., USA) with cookies. Processing is based on our predominant legitimate interest in simple, cost-effective website statistics (Art. 6(1)(f) GDPR).

The cookie-generated information about your website use (including IP address and accessed URLs) is transmitted to Google servers in the USA and stored there. We do not store Analytics data ourselves. IP anonymization is enabled; Google shortens/anonymizes your IP upon receipt. On our behalf, Google compiles usage reports and provides related services. Your IP transmitted for Analytics is not merged with other Google data.

Retention: User and event data in Analytics are stored for 26 months after last activity.

You can block cookies via browser settings; some site functions may be limited. You can also prevent Google’s collection via the browser add-on: http://tools.google.com/dlpage/gaoptout?hl=de.

Google is certified under the EU-US Privacy Shield (note: historical reference) and we have an Art. 28 GDPR processing contract with Google. Further information: Google Analytics Terms and Privacy Policy.

Google Maps

We use Google Maps to display locations. When using Maps, information such as date/time of visit, device data, internet address, IP address, and (for route planning) the entered address may be transmitted to Google servers in the USA. We have no influence on which personal data Google processes in this context.

Terms and further information: Google Maps Terms, Google Privacy Policy.

Cookies, Sessions, and Logfiles

This website uses cookies. Cookies provide additional functionality (e.g., easier navigation, resuming use, saving preferences). Cookies cannot access/read/modify other data on your computer.

Most cookies are session cookies (deleted when you leave the website). Persistent cookies remain until manually deleted and are used, for example, to recognize you on return visits. This serves our legitimate interests under Art. 6(1)(f) GDPR (e.g., maintaining your shopping cart and showing personalized products).

No personal data is stored in cookies, sessions, or log files. These files cannot transfer viruses, spy on your computer, or send emails. Each web server can read only the cookies it has set.

You can control cookies via browser settings (notifications, blocking, deletion). Blocking/deleting cookies may affect the online experience and limit website functionality.

Internal Processing of Your Orders

System Maintenance – Transmission of Your Personal Data

We use IT service providers for system maintenance who may have access to personal data in the course of their work. They have committed to data protection; Art. 28 GDPR processing agreements are in place.

 Legal Basis for Processing

Art. 6(1)(b) GDPR; additionally our predominant legitimate interest under Art. 6(1)(f) GDPR.

Duration of Storage

Data is stored for the duration of the business relationship (from initiation through execution) and beyond in accordance with statutory retention and documentation duties (e.g., UGB, BAO), and until any legal disputes, warranty, guarantee, and limitation periods end. An overview of periods can be found here.

Other Communication with X-GRIP

Contacting X-GRIP

When you contact us via website form or email (e.g., inquiry, order, warranty case), the data you provide is stored to process your request and for follow-up questions. You decide which data to provide; however, not providing certain data (e.g., name and address) may prevent us from processing your request.

Legal Basis for Processing

Art. 6(1)(b) GDPR; additionally our legitimate interest under Art. 6(1)(f) GDPR to fulfill the purposes mentioned above.

Duration of Storage

Data is stored for 6 months. Data related to orders may be stored longer as indicated above.

Saved to clipboard